Docker简介,功能特性与应用场景
- KVM是一个硬件级服务器虚拟化,也就是说KVM虚拟的都是服务器的硬件;将真是硬件通过虚拟化引擎hypevisor然后通过统一的访问接口vitio;操作系统级别的都是独立的,能够安全隔离,安全可靠,稳定,但是共用真实硬件(CPU、内存、硬盘等资源);但是对CPU、系统资源占用高。
- 大多数用在真实的服务器上做虚拟化
- 硬虚拟化分为全虚拟化和半虚拟化,全虚拟化没有vitio,虚拟硬件A通过虚拟化引擎转到真实硬件接口,/dev/sda文件通过真实硬件接口访问的是真实硬件的接口文件,再去访问硬件,访问过程太长,效率非常低。于是出现半虚拟化vitio直接访问真实硬件,中间省去很多过程,提高效率。
- 半虚拟化是通过vitio统一接口文件访问真实硬件,效率高
- docker容器级操作系统虚拟化,应用容器引擎,虚拟的是操作系统,使用的是真实硬件,效率比KVM高
镜像在硬盘中,容器存放在内存中
- Docker简介
- Docker是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的Linux机器上,也可以实现虚拟化,容器是完全使用沙箱机制,相互之间不会有任何接口。
- 一个完整的Docker有以下几个部分组成:
- Docker Client 客户端
- Docker Daemon 守护进程
- Docker Image 镜像
- Docker Container 容器
- Docker功能特性
- 隔离环境(系统,网络,文件系统)与应用
- 解决依赖与版本问题
- 易于分发,开箱即用
- 节点与容器快速扩容
- 镜像制作简单便捷,管理方便
沙箱是一个虚拟系统程序,沙箱提供的环境相对于每一个运行的程序都是独立的,而且不会对现有的系统产生影响。
沙箱的应用
(1)搭建测试环境。沙箱的应用只能访问自己的应用访问目录,而不能应用之间的资源进行共享,这样就形成了一个相对安全的机制,由于沙箱具有非常良好的独立性、隔离性,所以能够搭建一些具有高风险的软件进行测试。
(2)应用容器的利用,如Docker就是完全使用沙箱机制,这样使得应用组件经过Docker的封装,可以随意移植到服务上。
(1)隔离
- 通过cgroup(隔离和跟踪资源的使用)& namespace(组与组之间隔离)来实现轻量级的进程隔离
- 对于容器中运行的进程来说,自己独占了一个系统
- 容器间网络,文件及其他资源都互相隔离
(2)版本与依赖 - 传统模式下,多个不同环境或版本的项目需要部署在不同机器上,部署与后期维护管理复杂繁琐。
- 使用Docker,通过多个不同版本或者环境的镜像,可以同时运行在一台机器上互不干扰,部署与后期维护简单方便。
(3)分发与使用 - 镜像可以通过导入,导出,上传到镜像仓库等多种方式进行分发
- 在启动了Docker的系统上直接使用docker run即可启动镜像,无需特别配置。
(4)扩容 - 容器扩容简单方便
- 扩容节点只需安装并启动Docker即可
(5)镜像制作 - 镜像的灵魂Dockerfile
- 使用Dockerfile进行指令控制
- 基于Linux命令,易于理解,快速上手
- 易于定制与修改
- Docker应用场景
- Docker通常应用于如下场景:
- web应用的自动化打包和发布;
- 自动化测试和持续集成,发布;
- 应用服务,如MySQL,Redis等,通过Docker实现快速部署;
- k8s私有云
3.1 场景1:多版本多种类系统与软件
3.2 场景2: 环境
3.3 场景3: 分发
软件、运行环境一起封装,做成镜像,用户只需要安装docker就可以,不存在版本兼容性问题(无论用户是什么系统、版本)
Docker的安装
- 安装环境
最小化安装Centos7.5
[root@Docker ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@Docker ~]# uname -r
3.10.0-862.3.3.el7.x86_64
关闭防火墙和selinux
[root@Docker ~]# systemctl stop firewalld
[root@Docker ~]# systemctl disable firewalld
[root@Docker ~]# setenforce 0
setenforce: SELinux is disabled
- 版本选择
- Docker
- 17.03之后版本变为Docker CE(普通版)
- Docker CE
- 社区版,Community Edition
- Docker EE
- 企业版,Enterprise Edition
- 收费版本,强调安全性,提供一些高级特性及商业支持
- Docker安装:标准版本
特别提示:
centos7.5在搭建本地yum仓库的时候只需要修改
CentOS-Media.repo 文件即可(不需要将其他文件仍子目录里)
确保虚拟机能正常上网
[root@Docker ~]# yum -y install docker
[root@Docker ~]# systemctl start docker #启动docker进程
[root@Docker ~]# systemctl enable docker #加入docker开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@Docker ~]# docker ps #查看封装在docker镜像中的正在运行的镜像进程
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[root@Docker ~]# docker version
Client:
Version: 1.13.1
API version: 1.26
Package version: docker-1.13.1-63.git94f4240.el7.centos.x86_64
Go version: go1.9.4
Git commit: 94f4240/1.13.1
Built: Fri May 18 15:44:33 2018
OS/Arch: linux/amd64
Server:
Version: 1.13.1
API version: 1.26 (minimum version 1.12)
Package version: docker-1.13.1-63.git94f4240.el7.centos.x86_64
Go version: go1.9.4
Git commit: 94f4240/1.13.1
Built: Fri May 18 15:44:33 2018
OS/Arch: linux/amd64
Experimental: false
- Docker安装:CE社区版
首先清理掉yum安装的docker标准版
这里有两种方式
#第一种清理docker方法
[root@Docker ~]# yum -y remove docker
#第二种清理docker方法
[root@Docker ~]# yum history list #查看yum安装的历史列表
已加载插件:fastestmirror
ID | 登录用户 | 日期和时间 | 操作 | 变更数
-------------------------------------------------------------------------------
6 | root <root> | 2018-07-02 22:30 | Install | 17 EE #这次就是安装的docker
5 | root <root> | 2018-07-02 20:08 | I, U | 60
4 | root <root> | 2018-07-03 03:54 | Install | 93
3 | root <root> | 2018-07-03 03:53 | Install | 1
2 | root <root> | 2018-07-03 03:53 | Install | 1
1 | 系统 <空> | 2018-07-03 03:46 | Install | 313
history list
[root@Docker ~]# yum history info 6 #查看yum历史安装ID为6的安装信息
已加载插件:fastestmirror
事务 ID: 6
起始时间 : Mon Jul 2 22:30:11 2018
启动 RPM 数据库 : 409:3aba29f1d5b7e2d7ff3ed9f169ec4a2225595390
结束时间 : 22:30:27 2018 (16 秒)
结束 RPM 数据库 : 426:28338758ec6a2332cabb3a1439336bd451c52366
用户 : root <root>
返回码 : 成功
命令行 : -y install docker
事务完成属主:
已安装 rpm-4.11.3-32.el7.x86_64 @anaconda
已安装 yum-3.4.3-158.el7.centos.noarch @anaconda
已安装 yum-plugin-fastestmirror-1.1.31-45.el7.noarch @anaconda
已变更的包:
依赖安装 audit-libs-python-2.8.1-3.el7.x86_64 @base
依赖安装 checkpolicy-2.5-6.el7.x86_64 @base
依赖安装 container-selinux-2:2.55-1.el7.noarch @extras
依赖安装 container-storage-setup-0.9.0-1.rhel75.gite0997c3.el7.noarch @extras
安装 docker-2:1.13.1-63.git94f4240.el7.centos.x86_64 @extras
依赖安装 docker-client-2:1.13.1-63.git94f4240.el7.centos.x86_64 @extras
依赖安装 docker-common-2:1.13.1-63.git94f4240.el7.centos.x86_64 @extras
依赖安装 libcgroup-0.41-15.el7.x86_64 @base
依赖安装 libsemanage-python-2.5-11.el7.x86_64 @base
依赖安装 oci-register-machine-1:0-6.git2b44233.el7.x86_64 @extras
依赖安装 oci-systemd-hook-1:0.1.15-2.gitc04483d.el7.x86_64 @extras
依赖安装 oci-umount-2:2.3.3-3.gite3c9055.el7.x86_64 @extras
依赖安装 policycoreutils-python-2.5-22.el7.x86_64 @base
依赖安装 python-IPy-0.75-6.el7.noarch @base
依赖安装 setools-libs-3.3.8-2.el7.x86_64 @base
依赖安装 skopeo-containers-1:0.1.29-3.dev.git7add6fc.el7.0.x86_64 @extras
依赖安装 yajl-2.0.4-4.el7.x86_64 @base
Scriptlet 输出:
1 setsebool: SELinux is disabled.
history info
[root@Docker ~]# yum -y history undo 6 #进行yum安装操作回退
#特别提示:
yum的回退安装在工作中很有用,请留心学习
安装Docker的CE社区版
#安装依赖包
[root@localhost ~]# yum -y install yum-utils device-mapper-persistent-data lvm2
#添加docker的CE版本的yum源配置文件
[root@localhost ~]# curl https://download.docker.com/linux/centos/docker-ce.repo -o /etc/yum.repos.d/docker-ce.repo
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2424 100 2424 0 0 4879 0 --:--:-- --:--:-- --:--:-- 4877
[root@localhost ~]# ll /etc/yum.repos.d/docker-ce.repo
-rw-r--r-- 1 root root 2424 Jan 11 10:52 /etc/yum.repos.d/docker-ce.repo
#安装CE版本的docker
[root@localhost ~]# yum -y install docker-ce
[root@localhost ~]# systemctl start docker #启动docker
[root@localhost ~]# systemctl enable docker #添加开机启动
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost ~]# docker version #查看docker版本
Client:
Version: 18.09.1
API version: 1.39
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:35:01 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.1
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:06:30 2019
OS/Arch: linux/amd64
Experimental: false
Docker的操作命令
- 添加docker国内镜像源
在开始学习docker之前,我们首先要更改一下docker的默认源镜像下载地址(默认是从国外下载,很慢),我们需要添加国内的源地址
[root@localhost ~]# vim /etc/docker/daemon.json
{
"registry-mirrors":["https://registry.docker-cn.com"]
}
- Docker命令:search
用于从docker的官方公有镜像仓库查找镜像
(1)查看Docker Hub上公开的centos镜像
[root@localhost ~]# docker search centos
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5107 [OK]
ansible/centos7-ansible Ansible on Centos7 119 [OK]
jdeathe/centos-ssh CentOS-6 6.10 x86_64 / CentOS-7 7.5.1804 x86… 105 [OK]
特别说明:
Name:镜像的名字
DESCRIPTION:描述
STARS:星级(越高越好)
OFFICIAL:是否是官方发布的
AUTOMATED:是否自动化的
(2)查找星级多于100的centos镜像
[root@localhost ~]# docker search centos -f stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5108 [OK]
ansible/centos7-ansible Ansible on Centos7 119 [OK]
jdeathe/centos-ssh CentOS-6 6.10 x86_64 / CentOS-7 7.5.1804 x86… 105 [OK]
特别提示:
/:符号用于分割作者名称和镜像名称
ansible/centos7-ansible:ansible是作者名称,centos7-ansible是镜像名称
(3)多条件查找–filter
#查找官方发布的,星级大于100的centos镜像
[root@localhost ~]# docker search centos --filter is-official=true --filter stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
centos The official build of CentOS. 5108 [OK]
- Docker命令:build
用于本地自定义镜像的构建,需要创建Dockerfile文件(具体写法后面会讲,这里同学们先看)
#创建Dockerfile文件的存储目录
[root@localhost ~]# mkdir -p /root/dockerfile/lib/centos/7
[root@localhost ~]# cd /root/dockerfile/lib/centos/7
#创建docker.sh脚本
[root@localhost 7]# vim docker.sh
#!/bin/bash
while true
do
echo "welcome"
sleep 5
done
#创建Dockerfile配置文件,文件名称必须为Dockerfile,第一个字母必须大写
[root@localhost 7]# vim Dockerfile
FROM centos #从centos源镜像的基础上进行构建
LABEL MAINTATNER="daisy.com" #作者的名称
RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime #RUN:在镜像构建过程中运行命令
COPY docker.sh /home/test/ #从本地系统中把docker.sh文件添加到构建中的镜像的/home/test/目录下,如果没有该目录会自动创建
RUN chmod +x /home/test/docker.sh #在镜像构建过程中运行命令
CMD ["/home/test/docker.sh"] #构建镜像完成时,最后执行的命令
#根据Dockfile配置文件构建一个自定义镜像
[root@localhost 7]# docker build -t daisy/centos7:1 . #-t 指定镜像名称 :1 设定镜像的tag标记
Sending build context to Docker daemon 3.072kB
Step 1/6 : FROM centos
latest: Pulling from library/centos
a02a4930cb5d: Pull complete
Digest: sha256:184e5f35598e333bfa7de10d8fb1cebb5ee4df5bc0f970bf2b1e7c7345136426
Status: Downloaded newer image for centos:latest
---> 1e1148e4cc2c
Step 2/6 : LABEL MAINTATNER="daisy.com"
---> Running in 55c11ddeb599
Removing intermediate container 55c11ddeb599
---> 1df6b8470038
Step 3/6 : RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
---> Running in cd3354aa7905
'/etc/localtime' -> '/usr/share/zoneinfo/Asia/Shanghai'
Removing intermediate container cd3354aa7905
---> 1c3aa890a559
Step 4/6 : COPY docker.sh /home/test/
---> fdbc7d3a8f09
Step 5/6 : RUN chmod +x /home/test/docker.sh
---> Running in 62ab05f2a50d
Removing intermediate container 62ab05f2a50d
---> 21970f6bc5b6
Step 6/6 : CMD ["/home/test/docker.sh"]
---> Running in 1ecf518f7c50
Removing intermediate container 1ecf518f7c50
---> c3dac530e21b
Successfully built c3dac530e21b
Successfully tagged daisy/centos7:1
- Docker命令:pull
用于从Docker Hub上下载公有镜像
#查找符合条件的hello-world镜像
[root@docker ~]# docker search hello-world --filter is-official=true --filter stars=100
NAME DESCRIPTION STARS OFFICIAL AUTOMATED
hello-world Hello World! (an example of minimal Dockeriz… 572 [OK]
#下载目标hello-world镜像
[root@docker ~]# docker pull hello-world
Using default tag: latest
latest: Pulling from library/hello-world
9bb5a5d4561a: Pull complete
Digest: sha256:3e1764d0f546ceac4565547df2ac4907fe46f007ea229fd7ef2718514bcec35d
Status: Downloaded newer image for hello-world:latest #下载成功latest是标记tag
#下载目标centos:7镜像
[root@docker 7]# docker pull centos:7 #网速不好的话,需要点时间耐心等待
- Docker命令:images
用于本地镜像的查看
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos7 1 c3dac530e21b About a minute ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
特别说明:
REPOSITORY:镜像仓库(下边罗列的都是本地已有镜像名称)
TAG:镜像的标记(为了区分同名镜像)
IMAGES ID:镜像的ID号
CREATED:此镜像的创建时间
SIZE:此镜像的大小
- Docker命令:run
运行一个本地镜像
[root@localhost 7]# docker run -dit 1e1148e4cc2c /bin/bash
1befcadcb16dd103e7dc44b7db90ce603895534d2487a7ac4c52f65a41a05000
[root@localhost 7]# docker run -dit daisy/centos7:1 /bin/bash
72694521cc64dc02afc824be6eed99a04ddf1671cfc55e2bc45c9ac0177a1e80
特别提示:
docker run:运行一个指定的images id
-d:放在后台运行
-i:可以进行命令交互
-t:制作一个伪终端用于登陆
58af3ad826d2:镜像的ID,可以简写成58a
镜像是原始配置;运行起来是容器
6. Docker命令:ps
查看已经运行的镜像的进程
[root@localhost 7]# docker ps -a #查看所有运行的镜像进程(包含退出的exit)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1befcadcb16d 1e1148e4cc2c "/bin/bash" About a minute ago Up About a minute kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" About a minute ago Up About a minute thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 2 minutes ago Up 2 minutes dazzling_easley
特别提示:
STATUS:进程的状态,UP表示正在运行中,EXIT表示已经退出了。
- Docker命令:attach
从本地系统中切入到某个STATUS状态是UP的镜像进程里
- 容器中which命令需要安装
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS
1befcadcb16d 1e1148e4cc2c "/bin/bash" 4 minutes ago Up 4 minutes
e5ff25fec661 c3dac530e21b "/bin/bash" 5 minutes ago Up 5 minutes
72694521cc64 daisy/centos7:1 "/bin/bash" 5 minutes ago Up 5 minutes
[root@localhost 7]# docker attach 1be #切入到容器号为1befcadcb16d 的镜像进程里
[root@1befcadcb16d /]# ls #已经进入容器里了
anaconda-post.log dev home lib64 mnt proc run srv tmp var
bin etc lib media opt root sbin sys usr
[root@1befcadcb16d /]# exit #退出容器
exit
[root@localhost 7]# docker ps -a #容器的进程的STATUS已经处于EXIT状态(之前是后台运行的,切入进去后执行exit就等于手动退出了)
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1befcadcb16d 1e1148e4cc2c "/bin/bash" 27 minutes ago Exited (0) 7 seconds ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 27 minutes ago Up 27 minutes thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 28 minutes ago Up 28 minutes dazzling_easley
- Docker命令:stop
用于停止一个正在运行着的容器进程
#再次在后台启动一个镜像
[root@localhost 7]# docker run -dit 1e1148e4cc2c /bin/bash
9e60fd4ac7b2453e8a0791996b52da786f70a0b37cb5a534c9c0b26ee8d20f30
[root@localhost 7]# docker ps -a #增加了一个容器进程
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 8 seconds ago Up 6 seconds cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 29 minutes ago Exited (0) About a minute ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 29 minutes ago Up 29 minutes thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 30 minutes ago Up 29 minutes dazzling_easley
#停止一个运行着的容器进程
[root@localhost 7]# docker stop 9e60
9e60
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About a minute ago Exited (137) 2 seconds ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 30 minutes ago Exited (0) 3 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 30 minutes ago Up 30 minutes thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 31 minutes ago Up 31 minutes dazzling_easley
- Docker命令:start
用于启动一个已经停止了的容器进程
同一进程的容器必须全部停止才能启动
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 5 minutes ago Exited (137) 4 minutes ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 34 minutes ago Exited (0) 7 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 35 minutes ago Exited (137) About a minute ago thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 35 minutes ago Exited (137) 55 seconds ago dazzling_easley
[root@localhost 7]# docker start 1be
1be
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 6 minutes ago Exited (137) 4 minutes ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 35 minutes ago Up 5 seconds kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 35 minutes ago Exited (137) About a minute ago thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 36 minutes ago Exited (137) About a minute ago dazzling_easley
- Docker命令:rm
用于删除一个已经停止了的容器进程
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 6 minutes ago Exited (137) 4 minutes ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 35 minutes ago Up 5 seconds kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 35 minutes ago Exited (137) About a minute ago thirsty_tesla
72694521cc64 daisy/centos7:1 "/bin/bash" 36 minutes ago Exited (137) About a minute ago dazzling_easley
[root@localhost 7]# docker rm 72 #注意运行中的容器进程需要先stop,才能删除
72
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 6 minutes ago Exited (137) 5 minutes ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 35 minutes ago Up 51 seconds kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 36 minutes ago Exited (137) 2 minutes ago thirsty_tesla
docker rm
docker ps -a | grep Exited | awk '{print $1}'删除异常停止的docker容器
docker rmi -fdocker images | grep '<none>' | awk '{print $3}'删除名称或标签为none的镜像
- Docker命令:rmi
用于删除一个未用作容器启动的本地镜像
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos7 1 c3dac530e21b About an hour ago 202MB
hello-world latest fce289e99eb9 11 days ago 1.84kB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker rmi -f fce289e99eb9 强制删除(即便被占用)
Untagged: hello-world:latest
Untagged: hello-world@sha256:2557e3c07ed1e38f26e389462d03ed943586f744621577a99efb77324b0fe535
Deleted: sha256:fce289e99eb9bca977dae136fbe2a82b6b7d4c372474c9235adc1741675f587e
Deleted: sha256:af0b15c8625bb1938f1d7b17081031f649fd14e6b233688eea3c5483994a66a3
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos7 1 c3dac530e21b 2 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@docker ~]# docker rmi 58af3ad826d2 #但要注意,被用作容器启动的镜像是不能删除的(需先rm删除容器进程)
Error response from daemon: conflict: unable to delete 58af3ad826d2 (cannot be forced) - image is being used by running container ceb6682bd574
[root@docker ~]# docker rmi -f 58af3ad826d2 #强行删除被容器进程占用的镜像也是不行的
Error response from daemon: conflict: unable to delete 58af3ad826d2 (cannot be forced) - image is being used by running container ceb6682bd574
[root@docker ~]# docker ps -a #查看容器进程,被占用中
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ceb6682bd574 58af3ad826d2 "/bin/bash" 9 minutes ago Up 6 minutes affectionate_agnesi
- Docker命令:commit
将一个更改过的容器进程的容器状态保存为一个新的镜像
[root@localhost 7]# docker ps -a #查看启动的容器进程
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" About an hour ago Up About an hour kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" About an hour ago Exited (137) About an hour ago thirsty_tesla
[root@localhost 7]# docker attach 1be #切入容器进程
[root@1befcadcb16d /]# yum -y install which 在容器进程里安装which命令
[root@1befcadcb16d /]# exit #退出容器进程
exit
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" About an hour ago Exited (0) 26 seconds ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost 7]# docker commit 1be daisy/centos:2 #将更改后的容器进程保存为一个新的镜像
sha256:1e4c5d64a1e1cf9b2dde5fe1d24cace03c80d502f8849a8e6b076a14c92a03b8
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 2 1e4c5d64a1e1 4 seconds ago 272MB #保存成功
daisy/centos7 1 c3dac530e21b 2 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
#启动新保存的镜像
[root@localhost 7]# docker run -dit 1e4 /bin/bash
acb274f64ab372e5bd2586407c44bc998f3ce1654bc2a197d9c2bd8ba63d5d06
[root@localhost 7]# docker ps -a #查看新镜像的容器进程
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acb274f64ab3 1e4 "/bin/bash" 26 seconds ago Up 22 seconds heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 7 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost 7]# docker attach acb #切入新镜像的容器进程
[root@acb274f64ab3 /]# which echo #已经可以使用which命令了
/usr/bin/echo
- Docker命令:exec
用于从本地操作系统上直接向容器进程发布执行命令并返回结果
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acb274f64ab3 1e4 "/bin/bash" 13 minutes ago Up 31 seconds heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 20 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost 7]# docker exec acb27 ls /tmp/ #查看容器进程里的/tmp目录下所有内容
ks-script-h2MyUP
yum.log
[root@localhost 7]# docker exec acb27 ls /dev #查看容器进程里/yunjisuan目录
console
core
fd
full
mqueue
null
ptmx
pts
random
shm
stderr
stdin
stdout
tty
urandom
zero
进入容器,且退出不对进程产生影响
[root@localhost ~]# docker exec -it acb /bin/bash # -it前台操作
[root@acb274f64ab3 /]#
- Docker命令:cp
用于在容器进程和本地系统之间复制文件,把容器里的文件拷出来
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
acb274f64ab3 1e4 "/bin/bash" 13 minutes ago Up 31 seconds heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 20 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost 7]# docker exec acb27 ls /tmp/ #向容器进程发布命令
ks-script-h2MyUP
yum.log
[root@localhost 7]# docker cp acb27:/tmp/yum.log . #将指定容器进程的/tmp/yum.log复制到当前目录下
[root@localhost 7]# ls
Dockerfile docker.sh yum.log #已经复制过来了
[root@localhost ~]# docker cp anaconda-ks.cfg acb27:/tmp/ #将本地文件复制到容器进程里
[root@localhost ~]# docker exec acb27 ls /tmp/
anaconda-ks.cfg #复制成功
ks-script-h2MyUP
yum.log
- Docker命令:create
用于将一个镜像创建一个容器进程,但是并不启动它
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 2 1e4c5d64a1e1 26 minutes ago 272MB
daisy/centos7 1 c3dac530e21b 2 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker create -it 1e4c5d64a1e1 #创建一个镜像的容器进程,但不直接启动
e2f9ff8f6338fd84227112bbca2855f4607424406ffee77d57f7e60a0c7b1f2e
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 6 seconds ago Created stoic_wilson #创建状态并未启动
acb274f64ab3 1e4 "/bin/bash" 21 minutes ago Up 8 minutes heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 28 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost ~]# docker start e2f #启动容器进程
e2f
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 37 seconds ago Up 3 seconds stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 22 minutes ago Up 9 minutes heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" About an hour ago Exited (137) About an hour ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 29 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
- Docker命令:diff
查看容器进程与源镜像做对比,发生了改变的文件或文件夹
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 3 minutes ago Up 2 minutes stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 24 minutes ago Up 11 minutes heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (137) 2 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 31 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 2 1e4c5d64a1e1 30 minutes ago 272MB
daisy/centos7 1 c3dac530e21b 2 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker run -dit 1e4c5d64a1e1 #启动一个镜像的容器进程
f6bcdbea1edab53fe521561d1045af4df35b264c2f427cc8fc65ea6b0de3ab37
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6bcdbea1eda 1e4c5d64a1e1 "/bin/bash" 3 seconds ago Up 3 seconds unruffled_greider
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 3 minutes ago Up 3 minutes stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 25 minutes ago Up 12 minutes heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (137) 2 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 2 hours ago Exited (0) 32 minutes ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 2 hours ago Exited (137) About an hour ago thirsty_tesla
[root@localhost ~]# docker attach f6b #切入容器进程
[root@f6bcdbea1eda /]# which echo
/usr/bin/echo
[root@f6bcdbea1eda /]# mkdir -p yunjisuan
[root@f6bcdbea1eda /]# touch yunjisuan/{1..10} #在容器进程中创建文件
[root@f6bcdbea1eda /]# ls yunjisuan/
1 10 2 3 4 5 6 7 8 9
[root@f6bcdbea1eda /]# exit #退出容器进程
exit
[root@localhost ~]# docker diff f6b #查看容器进程的变化
C /root
C /root/.bash_history
A /yunjisuan
A /yunjisuan/3
A /yunjisuan/5
A /yunjisuan/6
A /yunjisuan/7
A /yunjisuan/9
A /yunjisuan/10
A /yunjisuan/2
A /yunjisuan/4
A /yunjisuan/8
A /yunjisuan/1
- Docker命令:events
时时监测容器的变化情况
[root@localhost ~]# docker events
2019-01-12T01:17:05.636334035-05:00 container exec_create: mkdir daisy acb274f64ab372e5bd2586407c44bc998f3ce1654bc2a197d9c2bd8ba63d5d06 (execID=1cb37df862b1b64913588795fcb6bff66c04cb3ccf977b59a5cd57aa7b4ff477, image=1e4, name=heuristic_chatterjee, org.label-schema.build-date=20181205, org.label-schema.license=GPLv2, org.label-schema.name=CentOS Base Image, org.label-schema.schema-version=1.0, org.label-schema.vendor=CentOS)
2019-01-12T01:17:05.637979785-05:00 container exec_start: mkdir daisy acb274f64ab372e5bd2586407c44bc998f3ce1654bc2a197d9c2bd8ba63d5d06 (execID=1cb37df862b1b64913588795fcb6bff66c04cb3ccf977b59a5cd57aa7b4ff477, image=1e4, name=heuristic_chatterjee, org.label-schema.build-date=20181205, org.label-schema.license=GPLv2, org.label-schema.name=CentOS Base Image, org.label-schema.schema-version=1.0, org.label-schema.vendor=CentOS)
前台时时监控容器的变化若要检测,需要另外再起一个窗口进行操作
- Docker命令:export
将容器进程的文件系统导出到本地
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6bcdbea1eda 1e4c5d64a1e1 "/bin/bash" 2 hours ago Exited (0) 2 hours ago unruffled_greider
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 2 hours ago Up 2 hours stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 3 hours ago Up 2 hours heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 4 hours ago Exited (137) 4 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 4 hours ago Exited (0) 3 hours ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 4 hours ago Exited (137) 4 hours ago thirsty_tesla
[root@localhost ~]# docker export 9e6 > test.tar #将容器进程导出成一个tar包
[root@localhost ~]# ls
anaconda-ks.cfg dockerfile test.tar
- Docker命令:import
用于将export导出的文件系统创建为一个镜像
[root@localhost ~]# ls
anaconda-ks.cfg dockerfile test.tar
[root@
localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 4 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker import test.tar daisy/centos:3 #将导出的tar包文件系统生成一个新的镜像
sha256:88afc1d08ce1a05392d113e8d39eea03894eb29c15c455fe2e7ffec65553ee85
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 5 seconds ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 4 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
- Docker命令:history
用于查看一个镜像的历史修改纪录
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 About a minute ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 4 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker history daisy/centos7:1
IMAGE CREATED CREATED BY SIZE COMMENT
c3dac530e21b 4 hours ago /bin/sh -c #(nop) CMD ["/home/test/docker.s… 0B
21970f6bc5b6 4 hours ago /bin/sh -c chmod +x /home/test/docker.sh 57B
fdbc7d3a8f09 4 hours ago /bin/sh -c #(nop) COPY file:84ec58f8405b1601… 57B
1c3aa890a559 4 hours ago /bin/sh -c ln -sfv /usr/share/zoneinfo/Asia/… 33B
1df6b8470038 4 hours ago /bin/sh -c #(nop) LABEL MAINTATNER=daisy.com 0B
1e1148e4cc2c 5 weeks ago /bin/sh -c #(nop) CMD ["/bin/bash"] 0B
<missing> 5 weeks ago /bin/sh -c #(nop) LABEL org.label-schema.sc… 0B
<missing> 5 weeks ago /bin/sh -c #(nop) ADD file:6f877549795f4798a… 202MB
- Docker命令:info
用于查看当前操作系统的docker运行信息
[root@localhost ~]# docker info
Containers: 6 #容器进程6个
Running: 2 #正在运行状态的容器2个
Paused: 0
Stopped: 4
Images: 8 #一共8个镜像
Server Version: 18.09.1
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 9754871865f7fe2f4e74d43e2fc7ccd237edcbce
runc version: 96ec2177ae841256168fcf76954f7177af9446eb
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-862.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 974.6MiB
Name: localhost
ID: B2GM:4BVW:MTLS:VU7E:P54C:P7MO:M2IX:JXUF:3FIJ:LAN5:UHAX:ZXDL
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
WARNING: IPv4 forwarding is disabled
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
- Docker命令:inspect
查看某个镜像的详细信息
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 4 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 4 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker inspect 88afc1d08ce1
[
{
"Id": "sha256:88afc1d08ce1a05392d113e8d39eea03894eb29c15c455fe2e7ffec65553ee85",
"RepoTags": [
"daisy/centos:3"
],
"RepoDigests": [],
"Parent": "",
"Comment": "Imported from -",
"Created": "2019-01-12T06:33:15.659639396Z",
"Container": "",
"ContainerConfig": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"DockerVersion": "18.09.1",
"Author": "",
"Config": {
"Hostname": "",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": null,
"Cmd": null,
"Image": "",
"Volumes": null,
"WorkingDir": "",
"Entrypoint": null,
"OnBuild": null,
"Labels": null
},
"Architecture": "amd64",
"Os": "linux",
"Size": 201779439,
"VirtualSize": 201779439,
"GraphDriver": {
"Data": {
"MergedDir": "/var/lib/docker/overlay2/a7e35821d4001fdb0ed03cf62cd8b4acfa72a77a3a06795de2b241d576b6c586/merged",
"UpperDir": "/var/lib/docker/overlay2/a7e35821d4001fdb0ed03cf62cd8b4acfa72a77a3a06795de2b241d576b6c586/diff",
"WorkDir": "/var/lib/docker/overlay2/a7e35821d4001fdb0ed03cf62cd8b4acfa72a77a3a06795de2b241d576b6c586/work"
},
"Name": "overlay2"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:083cbbe2af2e6fb23baa90d53497cd9b4af7503a0be540732b95eb756c7b1ce2"
]
},
"Metadata": {
"LastTagTime": "2019-01-12T01:33:15.780066999-05:00"
}
}
]
- Docker命令:kill
强行停止一个或多个正在运行状态的容器进程
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6bcdbea1eda 1e4c5d64a1e1 "/bin/bash" 3 hours ago Exited (0) 2 hours ago unruffled_greider
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 3 hours ago Up 3 hours stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 3 hours ago Up 3 hours heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 4 hours ago Exited (137) 4 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 5 hours ago Exited (0) 3 hours ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 5 hours ago Exited (137) 4 hours ago thirsty_tesla
[root@localhost ~]# docker kill e2f
e2f
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f6bcdbea1eda 1e4c5d64a1e1 "/bin/bash" 3 hours ago Exited (0) 2 hours ago unruffled_greider
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 3 hours ago Exited (137) 7 seconds ago stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 3 hours ago Up 3 hours heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 4 hours ago Exited (137) 4 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 5 hours ago Exited (0) 3 hours ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 5 hours ago Exited (137) 4 hours ago thirsty_tesla
- Docker命令:save
用于将一个镜像的文件系统导出到本地(export导出的是容器)
#重新build一个镜像
[root@localhost ~]# cd dockerfile/lib/centos/7
[root@localhost 7]# docker build -t test:1 .
Sending build context to Docker daemon 3.072kB
Step 1/6 : FROM centos
---> 1e1148e4cc2c
Step 2/6 : LABEL MAINTATNER="daisy.com"
---> Using cache
---> 1df6b8470038
Step 3/6 : RUN ln -sfv /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
---> Using cache
---> 1c3aa890a559
Step 4/6 : COPY docker.sh /home/test/
---> Using cache
---> fdbc7d3a8f09
Step 5/6 : RUN chmod +x /home/test/docker.sh
---> Using cache
---> 21970f6bc5b6
Step 6/6 : CMD ["/home/test/docker.sh"]
---> Using cache
---> c3dac530e21b
Successfully built c3dac530e21b
Successfully tagged test:1
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 15 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 5 hours ago 202MB
test 1 c3dac530e21b 5 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
#save导出test:1这个镜像(也可以是id号)
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 16 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 5 hours ago 202MB
test 1 c3dac530e21b 5 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker save test:1 > test.tar
[root@localhost 7]# ls
Dockerfile docker.sh test.tar
- Docker命令:load
用于将save导出到本地的tar包,重新加载为镜像(和源镜像的名字标识完全一样)
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 21 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 5 hours ago 202MB
test 1 c3dac530e21b 5 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker rmi test:1 #删除镜像test:1
Untagged: test:1
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 22 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 5 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker load < test.tar #将之前test:1这个镜像的save备份导入系统
Loaded image: test:1
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 22 minutes ago 202MB
daisy/centos 2 1e4c5d64a1e1 3 hours ago 272MB
daisy/centos7 1 c3dac530e21b 5 hours ago 202MB
test 1 c3dac530e21b 5 hours ago 202MB #和原来镜像完全一样
centos latest 1e1148e4cc2c 5 weeks ago 202MB
- Docker命令:logs
用于输出一个容器进程内的操作日志
容器在内存中,把内容输出到屏幕,docker logs 镜像ID能够看内容
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 2 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 5 hours ago 272MB
daisy/centos7 1 c3dac530e21b 6 hours ago 202MB
test 1 c3dac530e21b 6 hours ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost ~]# docker run -dit daisy/centos7:1
WARNING: IPv4 forwarding is disabled. Networking will not work.
dc73b806bcd42711a1b303b9c3f8b9234055b086387a6cc6c9f206dd1307b42d
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
dc73b806bcd4 daisy/centos7:1 "/home/test/docker.sh" 12 seconds ago Up 11 seconds cranky_hamilton
f6bcdbea1eda 1e4c5d64a1e1 "/bin/bash" 4 hours ago Exited (0) 4 hours ago unruffled_greider
e2f9ff8f6338 1e4c5d64a1e1 "/bin/bash" 4 hours ago Exited (137) 2 hours ago stoic_wilson
acb274f64ab3 1e4 "/bin/bash" 4 hours ago Up 4 hours heuristic_chatterjee
9e60fd4ac7b2 1e1148e4cc2c "/bin/bash" 6 hours ago Exited (137) 6 hours ago cocky_jang
1befcadcb16d 1e1148e4cc2c "/bin/bash" 6 hours ago Exited (0) 5 hours ago kind_hugle
e5ff25fec661 c3dac530e21b "/bin/bash" 6 hours ago Up 2 minutes thirsty_tesla
[root@localhost ~]# docker logs dc
welcome
welcome
welcome
welcome
welcome
welcome
- Docker命令:pause && unpause
用于将一个或多个容器的进程暂停和恢复
[root@docker 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago Up 5 minutes adoring_noether
[root@docker 7]# docker pause 16f9f6c9c699 #暂停容器进程
16f9f6c9c699
[root@docker 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago Up 5 minutes (Paused) adoring_noether
[root@docker 7]# docker unpause 16f9f6c9c699 #恢复容器进程
16f9f6c9c699
[root@docker 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
16f9f6c9c699 test:1 "/home/test/docker.sh" 5 minutes ago Up 5 minutes
- Docker命令:port
用于列出一个容器的端口映射及协议
veth开头的是容器的虚拟网卡
容器01、容器02、容器03具有共同网关docker0,容器的数据包通过docker0网关转发到真实物理网卡,就能够连通网络,这种模式为网桥模式
网桥模式的两种形式:
(1)桥接真实物理网卡,桥接的职能是交换机(同网段)
(2) 作为NAT模式的网桥,将网关转发到物理网卡上,网桥的职能是路由器(跨网段)
docker port 查看容器打开哪些端口
**[root@localhost ~]# docker run -dit --name nginx_test -p 80:80 nginx #启动一个镜像的容器进程 -p 指定本地80端口映射到容器的80端口,任意IP的80端口自动跳转到容器的80端口
WARNING: IPv4 forwarding is disabled. Networking will not work.
32b6e9251a45c079105a40e23c1d499f864c5c7e0fde2f29d1b18809bf951fb2
[root@localhost ~]# docker port nginx_test #查看容器进程的端口映射及协议
80/tcp -> 0.0.0.0:80
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
32b6e9251a45 nginx "nginx -g 'daemon of…" 3 minutes ago Up 3 minutes 0.0.0.0:80->80/tcp nginx_test
**
- Docker命令:rename
给容器进程重命名
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 55 seconds ago Up 54 seconds happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 7 minutes ago Up 7 minutes 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 17 minutes ago Up 17 minutes 0.0.0.0:80->80/tcp nginx_test
[root@localhost 7]# docker rename nginx_test daisy_nginx
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 3 minutes ago Up 3 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 9 minutes ago Up 9 minutes 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 19 minutes ago Up 19 minutes 0.0.0.0:80->80/tcp daisy_nginx
- Docker命令:restart
重启一个容器进程
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 8 minutes ago Up 8 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 14 minutes ago Up 35 seconds 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 24 minutes ago Up 24 minutes 0.0.0.0:80->80/tcp daisy_nginx
[root@localhost 7]# docker restart 32b
32b
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 8 minutes ago Up 8 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 15 minutes ago Up About a minute 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 24 minutes ago Up 5 seconds 0.0.0.0:80->80/tcp daisy_nginx
- Docker命令:stats
用于时时输出容器的资源使用情况
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS
39f81563ac8c c3dac530e21b "/bin/bash" 8 minutes ago Up 8 m
ba31f67d7d89 nginx "nginx -g 'daemon of…" 15 minutes ago Up Abo
32b6e9251a45 nginx "nginx -g 'daemon of…" 24 minutes ago Up 5 s
[root@localhost 7]# docker stats 32b
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
32b6e9251a45 daisy_nginx 0.00% 1.371MiB / 974.6MiB 0.14% 648B / 0B 0B / 0B 2
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
32b6e9251a45 daisy_nginx 0.00% 1.371MiB / 974.6MiB 0.14% 648B / 0B 0B / 0B 2
#--no-tream只输出一次
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 11 minutes ago Up 11 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 18 minutes ago Up 4 minutes 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 28 minutes ago Up 3 minutes 0.0.0.0:80->80/tcp daisy_nginx
[root@localhost 7]# docker stats 32b --no-stream
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
32b6e9251a45 daisy_nginx 0.00% 1.371MiB / 974.6MiB 0.14% 648B / 0B 0B / 0B 2
- Docker命令:tag
用于从一个指定的镜像创建另外一个镜像
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
test 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker tag test:1 test:2 #我们可以指定名字:标志来创建
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
test 1 c3dac530e21b 32 hours ago 202MB
test 2 c3dac530e21b 32 hours ago 202MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker rmi test:2
Untagged: test:2
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
test 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
test 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker tag 88a test:2 #我们也可以指定image id来创建
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
test 2 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
test 1 c3dac530e21b 32 hours ago 202MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
[root@localhost 7]# docker rmi test:2
Untagged: test:2
[root@localhost 7]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 27 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 30 hours ago 272MB
daisy/centos7 1 c3dac530e21b 32 hours ago 202MB
test 1 c3dac530e21b 32 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
- Docker命令:top
用于显示指定容器的进程信息
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 23 minutes ago Up 23 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 30 minutes ago Up 16 minutes 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 40 minutes ago Up 15 minutes 0.0.0.0:80->80/tcp daisy_nginx
[root@localhost 7]# docker top 32b
UID PID PPID C STIME TTY TIME CMD
root 18511 18495 0 04:35 pts/0 00:00:00 nginx: master process nginx -g daemon off;
101 18540 18511 0 04:35 pts/0 00:00:00 nginx: worker process
- Docker命令:update
用于调整一个或多个容器的启动配置
[root@localhost 7]# docker update --help
Usage: docker update [OPTIONS] CONTAINER [CONTAINER...]
Update configuration of one or more containers
Options:
--blkio-weight uint16 Block IO (relative weight), between 10 and 1000,
or 0 to disable (default 0)
--cpu-period int Limit CPU CFS (Completely Fair Scheduler) period
--cpu-quota int Limit CPU CFS (Completely Fair Scheduler) quota
--cpu-rt-period int Limit the CPU real-time period in microseconds
--cpu-rt-runtime int Limit the CPU real-time runtime in microseconds
-c, --cpu-shares int CPU shares (relative weight)
--cpus decimal Number of CPUs
--cpuset-cpus string CPUs in which to allow execution (0-3, 0,1)
--cpuset-mems string MEMs in which to allow execution (0-3, 0,1)
--kernel-memory bytes Kernel memory limit
-m, --memory bytes Memory limit #调整内存
--memory-reservation bytes Memory soft limit
--memory-swap bytes Swap limit equal to memory plus swap: '-1' to
enable unlimited swap
--restart string Restart policy to apply when a container exits
- Docker命令:version and wait
version用于显示docker的版本信息
wait用于捕捉一个或多个容器的退出状态,并返回退出状态码
#显示docker版本信息
[root@localhost 7]# docker version
Client:
Version: 18.09.1
API version: 1.39
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:35:01 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.1
API version: 1.39 (minimum version 1.12)
Go version: go1.10.6
Git commit: 4c52b90
Built: Wed Jan 9 19:06:30 2019
OS/Arch: linux/amd64
Experimental: false
#监听容器的退出状态并返回状态码
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" 27 minutes ago Up 27 minutes happy_wozniak
ba31f67d7d89 nginx "nginx -g 'daemon of…" 33 minutes ago Up 19 minutes 80/tcp mystifying_vaughan
32b6e9251a45 nginx "nginx -g 'daemon of…" 43 minutes ago Up 18 minutes 0.0.0.0:80->80/tcp daisy_nginx
[root@localhost ~]# docker stop 32b
32b
[root@localhost 7]# docker wait 32b
0
- Docker命令:login && logout && push
- login用于登陆docker hub官方公有仓库
- logout用于登出docker hub官方公有仓库
- push用于将本地镜像提交到docker hub
由于docker hub国内已经无法注册,因此无法演示上述内容
DockerHub官方公有镜像仓库:https://hub.docker.com/
管理应用程序数据
- Volume和Bind Mount
将Docker主机数据挂载到容器
- Docker提供三种不同方式将数据从宿主机挂载到容器中:volumes,bind mounts和tmpfs。
- volumes:Docker管理宿主机文件系统的一部分(/var/lib/docker/volumes)
- bind mounts:可以存储在宿主机系统的任意位置
- tmpfs:挂载存储在宿主机系统的内存中,而不会写入宿主机的文件系统
1.1 Volume
#创建一个卷
[root@localhost ~]# cd /var/lib/docker/volumes/
[root@localhost volumes]# ls
metadata.db
[root@localhost volumes]# docker volume create nignx_vol
nignx_vol
[root@localhost volumes]# ls
metadata.db nignx_vol
[root@localhost volumes]# docker volume ls
DRIVER VOLUME NAME
local nginx-vol
#下载一个nginx官方镜像
[root@docker 7]# docker pull nginx
Using default tag: latest
latest: Pulling from library/nginx
683abbb4ea60: Pull complete
6ff57cbc007a: Pull complete
162f7aebbf40: Pull complete
Digest: sha256:2cf71a9320ea65566c0738e87400407aaffd8dd11a411ceb2f2b585ad513469e
Status: Downloaded newer image for nginx:latest
[root@localhost 7]# docker run -dit --name=nginx-test --mount src=nginx-vol,dst=/usr/share/nginx/html nginx
WARNING: IPv4 forwarding is disabled. Networking will not work.
767b6117cd0f3d3c80cfc1c98b426d31032f3898862d971e34b208a4d1d4270f
特别说明:
--name:容器的名字
--mount:挂载
src:源卷的名字
dst:挂载到容器中的路径
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
767b6117cd0f nginx "nginx -g 'daemon of…" 14 minutes ago Up 14 minutes 80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" About an hour ago Up About an hour happy_wozniak
#向容器中的挂载目录创建文件,查看是否挂载成功
[root@localhost 7]# docker exec nginx-test touch /usr/share/nginx/html/test.txt
[root@localhost 7]# docker exec nginx-test ls /usr/share/nginx/html/
50x.html
index.html
test.txt #能够查看到创建的文件
[root@localhost 7]# ls /var/lib/docker/volumes/nginx-vol/_data/
50x.html index.html test.txt
#清理容器进程
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
767b6117cd0f nginx "nginx -g 'daemon of…" 18 minutes ago Up 18 minutes 80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" About an hour ago Up About an hour happy_wozniak
[root@localhost 7]# docker stop nginx-test
nginx-test
[root@localhost 7]# docker rm nginx-test
nginx-test
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
39f81563ac8c c3dac530e21b "/bin/bash" About an hour ago Up About an hour happy_wozniak
[root@localhost 7]# ls /var/lib/docker/volumes/nginx-vol/_data/
50x.html index.html test.txt #清理容器后,挂载的卷的数据仍旧存在
#重新启动镜像nginx的容器进程
[root@localhost 7]# docker run -dit --name nginx-test -p 88:80 --mount src=nginx.vol,dst=/usr/share/nginx/html nginx
WARNING: IPv4 forwarding is disabled. Networking will not work.
9f1a2b60b5df38ffc5b06aac46fc720f8416e8cd9fdaabfa83794e5d83142d9f
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9f1a2b60b5df nginx "nginx -g 'daemon of…" 5 seconds ago Up 4 seconds 0.0.0.0:88->80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" About an hour ago Up About an hour happy_wozniak
特别提示:
docker run的-p参数:指定端口的映射,88:80的意思就是将宿主机88端口的访问映射到容器进程的80端口
#在数据卷nginx-vol里换一个网页在访问
[root@docker 7]# rm -rf /var/lib/docker/volumes/nginx-vol/_data/
50x.html index.html test.txt
[root@docker 7]# rm -rf /var/lib/docker/volumes/nginx-vol/_data/*
[root@docker 7]# echo "welcome to yunjisuan" > /var/lib/docker/volumes/nginx-vol/_data/index.html
现在我们在启动一个镜像nginx的进程,让两个nginx的容器进程公用一个数据卷nginx-vol
[root@localhost 7]# docker run -dit --name nginx-test2 -p 89:80 --mount src=nginx-vol,dst=/usr/share/nginx/html nginx
WARNING: IPv4 forwarding is disabled. Networking will not work.
bebb3bb43ebfbedc9b9543e8f478e165e2de2339b3bc29e3a41acb053f8bf189
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
bebb3bb43ebf nginx "nginx -g 'daemon of…" 5 seconds ago Up 3 seconds 0.0.0.0:89->80/tcp nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 9 minutes ago Up 9 minutes 0.0.0.0:88->80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 2 hours ago Up 2 hours happy_wozniak
- Bind Mounts
[root@localhost 7]# mkdir -p /www/html
[root@localhost 7]# docker run -dit --name nginx-test3 -p 90:80 --mount type=bind,src=/var/lib/docker/volumes/nginx-vol/_data,dst=/www/html nginx
WARNING: IPv4 forwarding is disabled. Networking will not work.
4c7b933e514865f66391fd925837d4c804b2581a5acf3ff139b59febc1d5716e
[root@localhost 7]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
4c7b933e5148 nginx "nginx -g 'daemon of…" 48 seconds ago Up 47 seconds 0.0.0.0:90->80/tcp nginx-test3
bebb3bb43ebf nginx "nginx -g 'daemon of…" 18 minutes ago Up 18 minutes 0.0.0.0:89->80/tcp nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 28 minutes ago Up 28 minutes 0.0.0.0:88->80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 2 hours ago Up 2 hours happy_wozniak
特别提示:
bind mounts可以挂载宿主机上的任意目录,而volume先得创建后才能挂载
- 实战容器部署LNMP网站平台
首先我们下载一个wordpress博客
wget https://cn.wordpress.org/wordpress-4.7.4-zh_CN.tar.gz
2.1 创建MySQL数据库容器
[root@localhost ~]# ls
anaconda-ks.cfg dockerfile test.tar wordpress-4.7.4-zh_CN.tar.gz
#下载MySQL5.6版本镜像
[root@localhost ~]# docker pull mysql:5.6
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 33 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 36 hours ago 272MB
daisy/centos7 1 c3dac530e21b 38 hours ago 202MB
test 1 c3dac530e21b 38 hours ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
#创建一个自定义网络
[root@localhost ~]# docker network create lnmp
667b903f4075521852260a105b60f6d572943eb3579af179ff813cab2ffc91e0
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
6005dea5a38d bridge bridge local
d7bec9927f81 host host local
667b903f4075 lnmp bridge local #有了(默认驱动为网桥)
f6a3b8b5b791 none null local
#启动MySQL数据库容器
[root@localhost ~]# docker run -dit --name lnmp_mysql --network lnmp -p 3306:3306 --mount src=mysql-vol,dst=/var/lib/mysql -e MYSQL_ROOT_PASSWORD=123456 mysql:5.6 --character-set-server=utf8
WARNING: IPv4 forwarding is disabled. Networking will not work.
fc07a004fb39b361e3f28a9c2f96f548adb0f93347f75b9b1fbb708c531487d1
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" 10 seconds ago Up 8 seconds 0.0.0.0:3306->3306/tcp lnmp_mysql
4c7b933e5148 nginx "nginx -g 'daemon of…" 15 hours ago Up 15 hours 0.0.0.0:90->80/tcp nginx-test3
bebb3bb43ebf nginx "nginx -g 'daemon of…" 16 hours ago Up 16 hours 0.0.0.0:89->80/tcp nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 16 hours ago Up 16 hours 0.0.0.0:88->80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 17 hours ago Up 17 hours happy_wozniak
特别提示:
- 自定义网络lnmp如果不提前创建的话,在启动容器进程时会报错
- 如果没有提前pull好mysql:5.6那么容器在启动时会自动下载对应镜像
- 如果没有提前docker volume create mysql-vol,那么容器启动时会自动创建
#查看容器lnmp_mysql的日志输出
[root@localhost ~]# docker logs lnmp_mysql
#查看容器里启动的进程
[root@localhost ~]# docker top lnmp_mysql
UID PID PPID C STIME TTY TIME CMD
polkitd 20732 20716 0 21:33 pts/0 00:00:00 mysqld --character-set-server=utf8
2.2 向容器里的MySQL创建一个库
[root@localhost ~]# docker exec lnmp_mysql sh -c 'exec mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -e "create database wp"'
Warning: Using a password on the command line interface can be insecure.
2.3 在docker宿主机上安装mysql的客户端通过端口映射访问容器内的mysql
因为已经将mysql容器的3306端口映射到了docker宿主机的3306,因此我们访问本地即可
#安装mysql客户端
[root@localhost ~]# yum -y install mysql
#查看本机IP地址
[root@localhost ~]# hostname -I | xargs -n1 | head -1
192.168.100.102
#远程方式连接docker宿主机的3306端口
[root@localhost ~]# mysql -h192.168.100.102 -P3306 -uroot -p123456
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.6.42 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MySQL [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wp | #已经创建wp库了
+--------------------+
4 rows in set (0.34 sec)
2.4 创建nginx+PHP环境容器
#创建一个网页目录
[root@localhost ~]# mkdir -p /app/wwwroot
[root@localhost ~]# ll -d /app/wwwroot
drwxr-xr-x 2 root root 6 Jan 13 21:53 /app/wwwroot
#下载richarvey/nginx-php-fpm镜像
[root@localhost ~]# docker pull richarvey/nginx-php-fpm
[root@localhost ~]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
daisy/centos 3 88afc1d08ce1 45 hours ago 202MB
daisy/centos 2 1e4c5d64a1e1 47 hours ago 272MB
test 1 c3dac530e21b 2 days ago 202MB
daisy/centos7 1 c3dac530e21b 2 days ago 202MB
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
richarvey/nginx-php-fpm latest 359a8d82408a 2 months ago 304MB
#启动richarvey/nginx-php-fpm镜像的容器
[root@localhost ~]# docker run -dit --name lnmp_web --net lnmp -p80:80 --mount type=bind,src=/app/wwwroot,dst=/var/www/html richarvey/nginx-php-fpm
d663a10a9a91dd9ae5dd9af4d8718d586e93f42dd0f9e7eb7321c83ea826f817
[root@localhost ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 35 seconds ago Up 26 seconds 443/tcp, 0.0.0.0:80->80/tcp, 9000/tcp lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" 32 minutes ago Up 32 minutes 0.0.0.0:3306->3306/tcp lnmp_mysql
4c7b933e5148 nginx "nginx -g 'daemon of…" 16 hours ago Up 16 hours 0.0.0.0:90->80/tcp nginx-test3
bebb3bb43ebf nginx "nginx -g 'daemon of…" 16 hours ago Up 16 hours 0.0.0.0:89->80/tcp nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 16 hours ago Up 16 hours 0.0.0.0:88->80/tcp nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 18 hours ago Up 18 hours happy_wozniak
2.5 解压wordpress到网页目录/app/wwwroot下
[root@localhost ~]# tar xf wordpress-4.7.4-zh_CN.tar.gz -C /app/wwwroot/
[root@localhost ~]# cd /app/wwwroot/
[root@localhost wwwroot]# ls
wordpress
2.6 博客wordpress访问测试
通过浏览器进行docker宿主机的88端口的访问测试
http://IP:88/wordpress
特别提示:如果出现以下情况
#如果出现连接不上的情况,那么请按顺序执行以下命令一遍
[root@localhost wwwroot]# systemctl stop firewalld
[root@localhost wwwroot]# systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
[root@localhost wwwroot]# iptables -F
[root@localhost wwwroot]# iptables -P FORWARD ACCEPT
[root@localhost wwwroot]# iptables -P INPUT ACCEPT
[root@localhost wwwroot]# iptables -P INPUT ACCEPT
#如果还是不显示页面,重启docker
[root@localhost wwwroot]# systemctl restart docker
[root@localhost wwwroot]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 14 minutes ago Exited (0) 23 seconds ago lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" About an hour ago Exited (0) 22 seconds ago lnmp_mysql
4c7b933e5148 nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 6 minutes ago nginx-test3
bebb3bb43ebf nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 6 minutes ago nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 6 minutes ago nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 18 hours ago Exited (137) 15 seconds ago happy_wozniak
[root@localhost wwwroot]# docker start lnmp_mysql
lnmp_mysql
[root@localhost wwwroot]# docker start lnmp_web
lnmp_web
[root@localhost wwwroot]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 14 minutes ago Up 2 seconds 443/tcp, 0.0.0.0:80->80/tcp, 9000/tcp lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" About an hour ago Up 17 seconds 0.0.0.0:3306->3306/tcp lnmp_mysql
4c7b933e5148 nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 7 minutes ago nginx-test3
bebb3bb43ebf nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 6 minutes ago nginx-test2
9f1a2b60b5df nginx "nginx -g 'daemon of…" 16 hours ago Exited (0) 6 minutes ago nginx-test
39f81563ac8c c3dac530e21b "/bin/bash" 18 hours ago Exited (137) 52 seconds ago happy_wozniak
网络管理
Jenkins+svn(git)+ansible,中小企业自动化架构
Jenkins+docker+git+maven,容器自动化架构
超大型企业会引入kubernets、k8s
- 容器网络模式
- Docker支持5种网络模式
- bridge 网桥模式(NAT模式),虚拟一个路由器
- 默认网络,Docker启动后默认创建一个docker0网桥,默认创建的容器也是添加到这个网桥中
- host 相当于仅主机模式
- 容器不会获得一个独立的network namespace,而是与宿主机共用一个
- none 没有网卡,专门用来配桥接的
- 获取独立的network namespace,但不为容器进行任何网络配置
- container 两个容器共用一块网卡
- 与指定的容器使用同一个network namespace,网卡配置也都是相同的
- 自定义
- 自定义网桥,默认与bridge网络一样
1.1 bridge网络类型
#安装bridge管理工具
[root@localhost ~]# yum -y install bridge-utils
#查看网桥状态
[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
br-667b903f4075 8000.02428d3ac2ec no vethc4bf794
vethf6a6a51 #网桥br-br0绑定了两个虚拟网卡
docker0 8000.02429be259d2 no
#查看网络类型
[root@localhost ~]# docker network ls
NETWORK ID NAME DRIVER SCOPE
afe56d56e885 bridge bridge local #两个网桥类型的网络
d7bec9927f81 host host local
667b903f4075 lnmp bridge local #两个网桥类型的网络
f6a3b8b5b791 none null local
#查看容器进程
[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 31 minutes ago Up 16 minutes 443/tcp, 0.0.0.0:80->80/tcp, 9000/tcp lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" About an hour ago Up 17 minutes 0.0.0.0:3306->3306/tcp lnmp_mysql
#查看容器lnmp_mysql的网络信息
[root@localhost ~]# docker inspect lnmp_mysql | grep -A 15 "Networks"
"Networks": {
"lnmp": { #网络类型lnmp
"IPAMConfig": null,
"Links": null,
"Aliases": [
"fc07a004fb39"
],
"NetworkID": "667b903f4075521852260a105b60f6d572943eb3579af179ff813cab2ffc91e0",
"EndpointID": "1162255edafe8fc89de364857e2218949a7748a0e6ea4dc78b71bb191483180d",
"Gateway": "172.18.0.1", #网关172.18.0.1,这就是网桥667b903f4075
"IPAddress": "172.18.0.2", #容器IP172.18.0.2
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:02",
#查看容器lnmp_web的网络信息
[root@localhost ~]# docker inspect lnmp_web | grep -A 15 "Networks"
"Networks": {
"lnmp": { #网络类型lnmp
"IPAMConfig": null,
"Links": null,
"Aliases": [
"d663a10a9a91"
],
"NetworkID": "667b903f4075521852260a105b60f6d572943eb3579af179ff813cab2ffc91e0",
"EndpointID": "7eef119f7379f7be1c1b663330030178f396cdbdbbc1a17c2bedafbfcae664e2",
"Gateway": "172.18.0.1", #网关172.18.0.1,这就是网桥667b903f4075
"IPAddress": "172.18.0.3", #容器IP172.18.0.3
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:03",
1.2 host网络类型
#启动一个网络类型为host的容器
[root@localhost ~]# docker run -dit --name test2 --network host centos:latest /bin/bash
05aa54619f781270c8141415a48b497293db2885fecbba2173e708acb0ebd8a6
#查看容器的IP
[root@localhost ~]# docker exec test2 hostname -I
192.168.100.102 172.17.0.1 172.18.0.1
#查看主机的IP
[root@localhost ~]# hostname -I
192.168.100.102 172.17.0.1 172.18.0.1
1.3 none网络类型(用于建立与宿主机的桥接模式)
#启动一个网络类型为none的容器
[root@localhost ~]# docker run -dit --name test3 --network none centos:latest /bin/bash
18b28e2bd047b72fc7d066bc4c23a112c87b40d23b49402353a643ce807e2a5b
#查看容器IP地址
[root@localhost ~]# docker exec test3 hostname -I
[root@localhost ~]#
查询后发现,什么IP地址都没有,是的,none类型就是暂时不给容器指定网卡。
1.4 container网络类型
指定新容器使用指定容器的网卡
#启动一个容器,网络类型container,使用test容器的网卡
[root@localhost ~]# docker run -dit --name test4 --network container:test centos:latest /bin/bash
1cf52755171878ca8ddf6ba6075a2e56017d6e793125dabf4635b718fde6c65d
[root@localhost ~]# docker inspect test | grep -A 15 "Networks"
"Networks": {
"bridge": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "afe56d56e8850c2d6a3a76bfb37e5f72b8f404bd098c9226580e2a17f7c7d6ac",
"EndpointID": "c4a379c6b9c9575f6305619f502dc59228ee7d0c4188983fd973a7fb12d6dbd4",
"Gateway": "172.17.0.1", #test容器的网关
"IPAddress": "172.17.0.3", #test容器模式网桥
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:11:00:03",
"DriverOpts": null
}
[root@localhost ~]# docker inspect test4 | grep -A 15 "Networks"
"Networks": {} #test4容器并没有自己的网络设置
}
}
]
[root@localhost ~]# docker exec test4 hostname -I #test4没有网络设置却有IP地址和test容器完全一样
172.17.0.3
- 桥接宿主机网络与配置固定IP地址
2.1 建立网桥桥接到宿主机网络
#构建一个永久生效的网桥br0
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-br0
[root@localhost network-scripts]# vim ifcfg-br0
TYPE="Bridge"
BOOTPROTO="static"
DEFROUTE="yes"
DEVICE="br0"
ONBOOT="yes"
IPADDR="192.168.100.102"
NETMASK="255.255.255.0"
GATEWAY="192.168.100.2"
DNS1="192.168.100.2"
[root@localhost network-scripts]# vim ifcfg-ens33
TYPE="Ethernet"
BOOTPROTO="none"
NAME="ens33"
DEVICE="ens33"
ONBOOT="yes"
BRIDGE="br0"
[root@localhost network-scripts]# service network restart
Restarting network (via systemctl): [ OK ]
#查看网卡IP
[root@localhost network-scripts]# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 #桥接模式
inet 192.168.100.102 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:fef3:64a7 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:f3:64:a7 txqueuelen 1000 (Ethernet)
RX packets 33 bytes 2236 (2.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 38 bytes 3134 (3.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
br-667b903f4075: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 #单独成为一个网段,就是nat 模式
inet 172.18.0.1 netmask 255.255.0.0 broadcast 172.18.255.255
inet6 fe80::42:8dff:fe3a:c2ec prefixlen 64 scopeid 0x20<link>
ether 02:42:8d:3a:c2:ec txqueuelen 0 (Ethernet)
RX packets 42 bytes 4166 (4.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 42 bytes 4166 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
inet6 fe80::42:9bff:fee2:59d2 prefixlen 64 scopeid 0x20<link>
ether 02:42:9b:e2:59:d2 txqueuelen 0 (Ethernet)
RX packets 2663 bytes 110848 (108.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3979 bytes 8292008 (7.9 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::20c:29ff:fef3:64a7 prefixlen 64 scopeid 0x20<link> #ens32网卡已经没有IP地址了
ether 00:0c:29:f3:64:a7 txqueuelen 1000 (Ethernet)
RX packets 330803 bytes 440802045 (420.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 116491 bytes 9529329 (9.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 42 bytes 4166 (4.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 42 bytes 4166 (4.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
veth1a60856: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::f4c8:46ff:feaf:cd81 prefixlen 64 scopeid 0x20<link>
ether f6:c8:46:af:cd:81 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vetha2fc6d8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::c48d:92ff:fe9e:14c0 prefixlen 64 scopeid 0x20<link>
ether c6:8d:92:9e:14:c0 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8 bytes 648 (648.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethc4bf794: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::886b:40ff:feae:6c3d prefixlen 64 scopeid 0x20<link>
ether 8a:6b:40:ae:6c:3d txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10 bytes 756 (756.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
vethf6a6a51: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::504d:12ff:fe02:8950 prefixlen 64 scopeid 0x20<link>
ether 52:4d:12:02:89:50 txqueuelen 0 (Ethernet)
RX packets 88 bytes 136668 (133.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 136 bytes 13705 (13.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost network-scripts]# brctl show
bridge name bridge id STP enabled interfaces
br-667b903f4075 8000.02428d3ac2ec no vethc4bf794
vethf6a6a51
br0 8000.000c29f364a7 no ens33
docker0 8000.02429be259d2 no veth1a60856
vetha2fc6d8
将none的网卡指定成br0,就达到桥接的目的了
把网桥绑定到物理网卡,称为桥接
2.2 通过pipework工具配置容器固定IP
pipework工具下载地址:https://github.com/jpetazzo/pipework.git
#解压安装pipework工具
[root@localhost ~]# yum -y install unzip
[root@localhost ~]# unzip pipework-master.zip
Archive: pipework-master.zip
ae42f1b5fef82b3bc23fe93c95c345e7af65fef3
creating: pipework-master/
extracting: pipework-master/.gitignore
inflating: pipework-master/LICENSE
inflating: pipework-master/README.md
inflating: pipework-master/docker-compose.yml
creating: pipework-master/doctoc/
inflating: pipework-master/doctoc/Dockerfile
inflating: pipework-master/pipework
inflating: pipework-master/pipework.spec
[root@localhost ~]# mv pipework-master /usr/local/
[root@localhost ~]# ln -s /usr/local/pipework-master/pipework /usr/local/bin/
[root@localhost ~]# which pipework
/usr/local/bin/pipework
#对网络类型为none的容器,通过pipework配置固定ip地址
[root@localhost ~]# docker exec test3 hostname -I
[root@localhost ~]# pipework br0 test3 192.168.100.199/24@192.168.100.2 #设置容器固定IP为192.168.100.199/24 网关192.168.100.2
[root@localhost ~]# docker exec test3 hostname -I #有IP了
192.168.100.199
[root@localhost ~]# ping 192.168.100.199 #宿主机ping能通
PING 192.168.100.199 (192.168.100.199) 56(84) bytes of data.
64 bytes from 192.168.100.199: icmp_seq=1 ttl=64 time=0.645 ms
64 bytes from 192.168.100.199: icmp_seq=2 ttl=64 time=0.285 ms
64 bytes from 192.168.100.199: icmp_seq=3 ttl=64 time=0.083 ms
^C
--- 192.168.100.199 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 0.083/0.337/0.645/0.233 ms
#进入test3容器
[root@localhost ~]# docker exec -it test3 /bin/bash
[root@18b28e2bd047 /]# ping www.baidu.com #能连接外网
PING www.a.shifen.com (220.181.112.244) 56(84) bytes of data.
64 bytes from 220.181.112.244 (220.181.112.244): icmp_seq=1 ttl=128 time=5.34 ms
64 bytes from 220.181.112.244 (220.181.112.244): icmp_seq=2 ttl=128 time=5.00 ms
64 bytes from 220.181.112.244 (220.181.112.244): icmp_seq=3 ttl=128 time=5.50 ms
64 bytes from 220.181.112.244 (220.181.112.244): icmp_seq=4 ttl=128 time=4.83 ms
^C
--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 4.837/5.175/5.509/0.280 ms
通过windows宿主机ping虚拟机中的容器进程IP进行测试
综上,外部机器访问虚拟机中的容器进程也可以连通了
Docker的镜像制作
在使用k8s时,一般把dockerfile编写成公网下载的形式,方便管理。
- Dockerfile常用指令介绍
| 指令 | 描述 |
|---|---|
| FROM | 构建的新镜像是基于哪个镜像。例如:FROM centos:6 |
| MAINTAINER | 镜像维护者姓名或邮箱地址。例如:MAINTAINER daisy |
| RUN | 构建镜像时运行的Shell命令。例如:RUN [“yum”,“install”,“httpd”] |
| 或者RUN yum install httpd | |
| CMD | 运行容器时执行的Shell命令(可以被运行时传递的参数覆盖)。例如:CMD ["-c","/start.sh"] |
| 或者CMD ["/usr/sbin/sshd","-D"]或者CMD /usr/sbin/sshd -D | |
| EXPOSE | 声明容器运行的服务端口。例如:EXPOSE 80 443 |
| ENV | 设置容器内环境变量。例如:ENV MYSQL_ROOT_PASSWORD 123456 |
| ADD | 拷贝文件或目录到镜像(可以自动解压缩或者下载) |
| 例如:ADD [“src”,“dest”]或者ADD https://xxx.com/html.tar.gz /var/www/html | |
| 或者:ADD html.tar.gz /var/www/html | |
| COPY | 拷贝文件或目录到镜像(不能自动解压缩)。例如:COPY ./start.sh /start.sh |
| ENTRYPOINT | 运行容器时执行的Shell命令(不能被运行时传递的参数覆盖,一般会把后面的命令看作参数)。例如:ENTRYPOINT ["/bin/bash","-c","/start.sh",] |
| 或者ENTRYPOINT /bin/bash -c “/start.sh” | |
| VOLUME | 指定容器挂载点到宿主机自动生成的目录或其他容器 |
| 例如:VOLUME ["/var/lib/mysql"] | |
| USER | 为RUN,CMD和ENTRYPOINT执行命令指定运行用户 |
| 例如:USER daisy | |
| WORKDIR | 为RUN,CMD,ENTRYPOINT,COPY和ADD设置工作目录(指定进入容器中默认被切换的目录)。 |
| 例如:WORKDIR /data | |
| HEALTHCHECK | 健康检查。例如:HEALTHCHECK --interval=5m --timeout=3s --retries=3 |
CMD curl -f http://localhost/ || exit 1 | |
| ARG | 在构建镜像时指定一些参数。例如:ARG user |
- 利用Dockerfile编写简单的nginxWeb镜像
#首先我们开启ipv4转发
[root@localhost ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
#创建nginx的镜像目录
[root@localhost ~]# echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
[root@localhost ~]# mkdir -p dockerfile/lib/centos/nginx
[root@localhost ~]# cd dockerfile/lib/centos/nginx
#准备Dockerfile文件
[root@localhost nginx]# vim Dockerfile
FROM centos:7
MAINTAINER www.yunjisuan.com
RUN yum install -y gcc gcc-c++ make openssl-devel pcre-devel
ADD nginx-1.12.1.tar.gz /tmp
RUN cd /tmp/nginx-1.12.1 && \
./configure --prefix=/usr/local/nginx && \
make -j 2 && \ #-j 2 表示启用两个核进行编译,默认一个核进行编译,启用的核数越多,编译速度越快
make install
RUN rm -rf /tmp/nginx-1.12.1* && yum clean all #清空缓存是将镜像最小化
COPY nginx.conf /usr/local/nginx/conf
WORKDIR /usr/local/nginx #定义工作目录,一进入容器默认出现在安装目录下
EXPOSE 80 #开放80端口
CMD ["./sbin/nginx", "-g", "daemon off;"] #CMD命令是构建完容器之后运行的命令,以相对路径的方式启动nginx的非守护模式,-g取消daemon的方式强制让nginx在前台
#将事先准备好的nginx-1.12.1.tar.gz和nginx.conf配置文件拷贝到当前目录下
[root@localhost nginx]# ls
Dockerfile nginx-1.12.1.tar.gz nginx.conf
[root@localhost nginx]# cat nginx.conf
user root;
worker_processes auto;
error_log logs/error.log info;
pid logs/nginx.pid;
events {
use epoll;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
root html;
index index.html index.php;
location ~ \.php$ {
root html;
fastcgi_pass lnmp_php:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
[root@localhost nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
richarvey/nginx-php-fpm latest 359a8d82408a 2 months ago 304MB
[root@localhost nginx]# docker tag centos:latest centos:7
[root@localhost nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos 7 1e1148e4cc2c 5 weeks ago 202MB #centos:latest的软连接
centos latest 1e1148e4cc2c 5 weeks ago 202MB
richarvey/nginx-php-fpm latest 359a8d82408a 2 months ago 304MB
#build基于nginx的docker镜像
[root@localhost nginx]# docker build -t nginx:v1 .
[root@localhost nginx]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
nginx v1 ade599b4fabd 3 minutes ago 391MB
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos 7 1e1148e4cc2c 5 weeks ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
richarvey/nginx-php-fpm latest 359a8d82408a 2 months ago 304MB
ADD与COPY的区别
ADD比COPY多一个功能:一旦ADD把压缩包拷到容器中,它会自动解压,而COPY命令只是复制
- 构建PHP网站平台镜像实战
现在我们创建一个PHP的docker镜像
#创建php的镜像目录
[root@localhost nginx]# mkdir -p /root/dockerfile/lib/centos/php
[root@localhost nginx]# cd /root/dockerfile/lib/centos/php
#准备Dockerfile文件
[root@localhost php]# vim Dockerfile
FROM centos:7
MAINTAINER www.yunjisuan.com
RUN yum install -y gcc gcc-c++ make gd-devel libxml2-devel libcurl-devel libjpeg-devel libpng-devel openssl-devel
ADD php-5.6.31.tar.gz /tmp/
RUN cd /tmp/php-5.6.31 && \
./configure --prefix=/usr/local/php \
--with-config-file-path=/usr/local/php/etc \
--with-mysql --with-mysqli \
--with-openssl --with-zlib --with-curl --with-gd \
--with-jpeg-dir --with-png-dir --with-iconv \
--enable-fpm --enable-zip --enable-mbstring && \
make -j 4 && \
make install && \
cp /usr/local/php/etc/php-fpm.conf.default /usr/local/php/etc/php-fpm.conf && \
sed -i "s/127.0.0.1/0.0.0.0/" /usr/local/php/etc/php-fpm.conf && \
sed -i "21a \daemonize = no" /usr/local/php/etc/php-fpm.conf
COPY php.ini /usr/local/php/etc
RUN rm -rf /tmp/php-5.6.31* && yum clean all
WORKDIR /usr/local/php
EXPOSE 9000
CMD ["./sbin/php-fpm", "-c", "/usr/local/php/etc/php-fpm.conf"]
#将事先准备好的php.ini文件及php-5.6.31.tar.gz拷贝到当前目录下
[root@localhost php]# ls
Dockerfile php-5.6.31.tar.gz php.ini
#build基于php的docker镜像
[root@localhost php]# docker build -t php:1 .
[root@localhost php]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> a981ac76489d 17 minutes ago 1.06GB
php 1 0f23984b2c77 About an hour ago 964MB
nginx v1 ade599b4fabd About an hour ago 391MB
nginx latest 7042885a156a 2 weeks ago 109MB
mysql 5.6 27e29668a08a 2 weeks ago 256MB
centos 7 1e1148e4cc2c 5 weeks ago 202MB
centos latest 1e1148e4cc2c 5 weeks ago 202MB
richarvey/nginx-php-fpm latest 359a8d82408a 2 months ago 304MB
- 创建nginx-php网络环境,并启动容器
验证单启一个nginx镜像和一个php镜像,两个镜像在同一个网络下进行配合,能否完成解析。容器在同一个自定义网络下,容器名字可以互相解析
#创建一个叫做lnmp的网络
[root@localhost nginx]# docker network create lnmp
[root@localhost nginx]# docker network ls
NETWORK ID NAME DRIVER SCOPE
afe56d56e885 bridge bridge local
d7bec9927f81 host host local
667b903f4075 lnmp bridge local
f6a3b8b5b791 none null local
#创建nginx-php网页挂载目录
[root@localhost nginx]# mkdir -p /app/wwwroot
#启动php容器
[root@localhost php]# docker run -dit --name lnmp_php --network lnmp --mount type=bind,src=/app/wwwroot/,dst=/usr/local/nginx/html php:1
f94bfe7c1225cccc2d56a64157dbc962c6adccee3fa3fcb35f87e5d84ec5b635
[root@localhost php]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f94bfe7c1225 php:1 "./sbin/php-fpm -c /…" 11 seconds ago Up 9 seconds 9000/tcp lnmp_php
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 4 hours ago Up 4 hours 443/tcp, 0.0.0.0:80->80/tcp, 9000/tcp lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" 4 hours ago Up 4 hours 0.0.0.0:3306->3306/tcp lnmp_mysql
[root@localhost php]# docker exec lnmp_php hostname -I
172.18.0.4
#启动nginx容器
[root@localhost php]# docker run -dit --name lnmp_nginx -p 888:80 --network lnmp --mount type=bind,src=/app/wwwroot,dst=/usr/local/nginx/html nginx:v1
62139e102153dc3c3e5000893665ba3b54eb33d1376671121abca510885761fd
[root@localhost php]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
62139e102153 nginx:v1 "./sbin/nginx -g 'da…" 6 seconds ago Up 4 seconds 0.0.0.0:888->80/tcp lnmp_nginx
f94bfe7c1225 php:1 "./sbin/php-fpm -c /…" About a minute ago Up About a minute 9000/tcp lnmp_php
[root@localhost php]# docker exec lnmp_nginx hostname -I
172.18.0.5
#创建测试页面php.info
[root@localhost php]# echo "<?php phpinfo();?>" > /app/wwwroot/index.php
最后通过浏览器进行访问测试
- docke基础阶段作业
- 在nginx-php镜像的基础上构建mysql:1的镜像,并启动lnmp_mysql容器进程
- 实现wordpress博客的部署
- 构建JAVA网站环境镜像实战
#创建java镜像构建存储目录
[root@localhost php]# mkdir -p dockerfile/lib/centos/tomcat
[root@localhost php]# cd dockerfile/lib/centos/tomcat
#将所需软件包拷贝到当前目录下
[root@localhost tomcat]# ls
apache-tomcat-8.0.46.tar.gz Dockerfile jdk-8u45-linux-x64.tar.gz server.xml
#筹备Dockerfile
[root@localhost tomcat]# vim Dockerfile
FROM centos:7
MAINTAINER www.yunjisuan.com
ADD jdk-8u45-linux-x64.tar.gz /usr/local
ENV JAVA_HOME /usr/local/jdk1.8.0_45
ADD apache-tomcat-8.0.46.tar.gz /usr/local
COPY server.xml /usr/local/apache-tomcat-8.0.46/conf
RUN rm -f /usr/local/*.tar.gz
WORKDIR /usr/local/apache-tomcat-8.0.46
EXPOSE 8080
ENTRYPOINT ["./bin/catalina.sh", "run"]
#build基于tomcat的镜像
[root@localhost tomcat]# docker build -t tomcat:1 .
#创建网页挂载目录
[root@localhost tomcat]# mkdir -p /app/webapps
#启动tomcat的容器进程
[root@localhost tomcat]# mkdir -p /app/webapps
[root@localhost tomcat]# docker run -dit --name=tomcat -p 8080:8080 --mount type=bind,src=/app/webapps/,dst=/usr/local/apache-tomcat-8.0.46/webapps tomcat:1
1268f309c77f9c4fff8f16379a71313a5b950930d479058832f6679af2354084
#查看容器进程
[root@localhost tomcat]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1268f309c77f tomcat:1 "./bin/catalina.sh r…" 17 seconds ago Up 14 seconds 0.0.0.0:8080->8080/tcp tomcat
62139e102153 nginx:v1 "./sbin/nginx -g 'da…" 30 minutes ago Up 30 minutes 0.0.0.0:888->80/tcp lnmp_nginx
f94bfe7c1225 php:1 "./sbin/php-fpm -c /…" 31 minutes ago Up 31 minutes 9000/tcp lnmp_php
d663a10a9a91 richarvey/nginx-php-fpm "docker-php-entrypoi…" 4 hours ago Up 4 hours 443/tcp, 0.0.0.0:80->80/tcp, 9000/tcp lnmp_web
fc07a004fb39 mysql:5.6 "docker-entrypoint.s…" 5 hours ago Up 4 hours 0.0.0.0:3306->3306/tcp lnmp_mysql
#创建网站测试页
[root@localhost tomcat]# mkdir -p /app/webapps/ROOT
[root@localhost tomcat]# echo "welcome to yunjisuan" >> /app/webapps/ROOT/index.html
然后我们用浏览器访问8080端口
特别提示:
- tomcat有三种启动方式:
- 直接启动./startup.sh
- 作为服务启动 nohup ./startup.sh &
- 控制台动态输出方式启动./catalina.sh run动态地显示tomcat后台的控制台输出信息,Ctrl+C后退出并关闭服务
- 构建镜像的Dockerfile里的最后一步启动的进程不能是后台模式,否则容器直接退出。因此,nginxWeb镜像构建时,用
CMD ["./sbin/nginx", "-g", "daemon off;"]方式进行启动
Docker企业实战案例一:整套项目一键打包部署
- Docker Compose用法
1.1 介绍
Compose是一个定义和管理多容器的工具,使用Python语言编写。使用Compose配置文件描述多个容器应用的架构,比如使用什么镜像,数据卷,网络,映射端口等;然后一条命令管理所有服务,比如启动,停止,重启等。
1.2 安装
下载docker-compose-linux-x86_64.zip
[root@localhost ~]# ls
anaconda-ks.cfg dockerfile test.tar
docker-compose-linux-x86_64.zip pipework-master.zip wordpress-4.7.4-zh_CN.tar.gz
[root@localhost ~]# which unzip
/usr/bin/unzip
[root@localhost ~]# unzip docker-compose-linux-x86_64.zip
Archive: docker-compose-linux-x86_64.zip
inflating: docker-compose
[root@localhost ~]# ll docker-compose
-rw-r--r-- 1 root root 8858496 Aug 31 2017 docker-compose
[root@localhost ~]# chmod +x docker-compose
[root@localhost ~]# mv docker-compose /usr/bin/
[root@localhost ~]# which docker-compose
/usr/bin/docker-compose
1.3 YAML文件格式及编写注意事项
YAML是一种标记语言很直观的数据序列化格式,可读性高。类似于XML数据描述语言,语法比XML简单的很多。
YAML数据结构通过缩进来表示,连续的项目通过减号来表示,键值对用冒号分隔,数组用中括号括起来,hash用花括号括起来。
-YAML文件格式注意事项:
- 不支持制表符tab键缩进,需要使用空格缩进
- 通常开头缩进2个空格
- 字符后缩进1个空格,如冒号,逗号,横杆
- 用井号注释
- 如果包含特殊字符用单引号引起来
- 布尔值(true,false,yes,no,on,off)必须用引号括起来,这样分析器会将他们解释为字符串。
- 配置文件常用字段
| 字段 | 描述 |
|---|---|
| build | 下级字段dockerfile:指定Dockerfile文件名 |
| 下级字段context:构建镜像上下文路径 | |
| image | 指定镜像 |
| command | 执行命令,覆盖默认命令 |
| container_name | 指定容器名称 |
| deploy | 指定部署和运行服务相关配置,只能在Swarm模式使用 |
| environment | 添加环境变量 |
| networks | 加入网络,引用顶级networks下条目 |
| ports | 暴露端口,与-p相同,但端口不能低于60 |
| volumes | 挂载宿主机路径或命名卷。如果是命名卷在顶级volumes定义卷名称 |
| restart | 重启策略,默认no,always\ on-failure\ unless-stopped |
| hostname | 容器主机名 |
- 常用命令
| 字段 | 描述 |
|---|---|
| build | 重新构建服务 |
| ps | 列出容器 |
| up | 创建和启动容器 |
| exec | 在容器里执行命令 |
| scale | 指定一个服务容器启动数量 |
| top | 显示容器进程 |
| logs | 查看容器输出 |
| down | 删除容器,网络,数据卷和镜像 |
| stop/start/restart | 停止/启动/重启服务 |
- 例如:
[root@localhost compose_lnmp]# cat docker-compose.yml
version: '3'
services:
nginx:
hostname: nginx
build:
context: ./nginx
dockerfile: Dockerfile
ports:
- 81:80
networks:
- lnmp
volumes:
- ./wwwroot:/usr/local/nginx/html
php:
hostname: php
build:
context: ./php
dockerfile: Dockerfile
networks:
- lnmp
volumes:
- ./wwwroot:/usr/local/nginx/html #nginx与php网页目录的路径必须相同
mysql:
hostname: mysql
image: mysql:5.6
ports:
- 3306:3306
networks:
- lnmp
volumes:
- ./mysql/conf:/etc/mysql/conf.d
- ./mysql/data:/var/lib/mysql
command: --character-set-server=utf8
environment:
MYSQL_ROOT_PASSWORD: 123456
MYSQL_DATABASE: wordpress
MYSQL_USER: user
MYSQL_PASSWORD: user123
networks:
lnmp:
- 一键部署LNMP网站平台实战
#查看compose_lnmp包
[root@localhost lib]# tree compose_lnmp/
compose_lnmp/
├── docker-compose.yml #docker-compose启动接口文件
├── mysql
│ ├── conf
│ │ └── my.cnf #mysql配置文件
│ └── data #待挂载mysql数据目录
├── nginx
│ ├── Dockerfile #自定义nginx的Docker镜像配置文件
│ ├── nginx-1.12.1.tar.gz #源码包
│ └── nginx.conf #nginx配置文件
├── php
│ ├── Dockerfile #自定义php的Docker镜像配置文件
│ ├── php-5.6.31.tar.gz #源码包
│ └── php.ini #php解析器配置文件
└── wwwroot #nginx容器和php容器待挂载的网页目录
└── index.php #网页测试文件
6 directories, 9 files
#一键部署LNMP
[root@locahost compose_lnmp]# docker-compose -f docker-compose.yml up
浏览器访问:
[root@localhost ~]# tar xf wordpress-4.7.4-zh_CN.tar.gz -C dockerfile/lib/compose_lnmp/wwwroot/
[root@localhost ~]# cd dockerfile/lib/compose_lnmp/wwwroot/
[root@localhost wwwroot]# ls
index.php wordpress
[root@localhost compose_lnmp]# docker exec -it composelnmp_mysql_1 /bin/bash
root@mysql:/# pwd
/
root@mysql:/# ls
bin dev entrypoint.sh home lib64 mnt proc run srv tmp var
boot docker-entrypoint-initdb.d etc lib media opt root sbin sys usr
root@mysql:/# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.42 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| wordpress |
+--------------------+
4 rows in set (0.10 sec)
#一键查看所有部署的容器进程
[root@localhost compose_lnmp]# docker-compose -f docker-compose.yml ps
Name Command State Ports
-------------------------------------------------------------------------------------
composelnmp_mysql_1 docker-entrypoint.sh --cha ... Up 0.0.0.0:3306->3306/tcp
composelnmp_nginx_1 ./sbin/nginx -g daemon off; Up 0.0.0.0:81->80/tcp
composelnmp_php_1 ./sbin/php-fpm -c /usr/loc ... Up 9000/tcp
#一键终止所有部署的容器进程
[root@localhost compose_lnmp]# docker-compose -f docker-compose.yml stop
Stopping composelnmp_nginx_1 ... done
Stopping composelnmp_php_1 ... done
Stopping composelnmp_mysql_1 ... done
#一键查看所有部署的容器进程
[root@localhost compose_lnmp]# docker-compose -f docker-compose.yml ps
Name Command State Ports
---------------------------------------------------------------------
composelnmp_mysql_1 docker-entrypoint.sh --cha ... Exit 0
composelnmp_nginx_1 ./sbin/nginx -g daemon off; Exit 0
composelnmp_php_1 ./sbin/php-fpm -c /usr/loc ... Exit 0
#一键清理所有部署的容器进程
[root@localhost compose_lnmp]# docker-compose -f docker-compose.yml down
Removing composelnmp_nginx_1 ... done
Removing composelnmp_php_1 ... done
Removing composelnmp_mysql_1 ... done
Removing network composelnmp_lnmp
[root@localhost compose_lnmp]# docker-compose -f docker-compose.yml ps
Name Command State Ports
------------------------------
[root@localhost compose_lnmp]#
- 一键部署Nginx反向代理Tomcat集群实战
#查看compose_nginx_tomcat包
[root@localhost lib]# tree compose_nginx_tomcat/
compose_nginx_tomcat/
├── docker-compose.yml
├── mysql
│ ├── conf
│ │ └── my.cnf #mysql的配置文件
│ └── data #待挂载mysql数据目录
├── nginx
│ ├── Dockerfile #自定义镜像配置文件
│ ├── nginx-1.12.1.tar.gz #源码包
│ └── nginx.conf #nginx配置文件
├── tomcat
│ ├── apache-tomcat-8.0.46.tar.gz #源码包
│ ├── Dockerfile #自定义镜像配置文件
│ └── server.xml #tomcat配置文件
└── webapps
└── ROOT
└── index.html #网页测试文件
7 directories, 9 files
#查看docker-compose的启动接口文件
[root@localhost lib]# cat compose_nginx_tomcat/docker-compose.yml
version: '3'
services:
nginx:
hostname: nginx
build:
context: ./nginx
dockerfile: Dockerfile
ports:
- 82:80
networks:
- lnmt
volumes:
- ./webapps:/opt/webapps
tomcat01:
hostname: tomcat01
build: ./tomcat
networks:
- lnmt
volumes:
- /usr/local/jdk1.8.0_45:/usr/local/jdk1.8.0_45
- ./webapps:/usr/local/apache-tomcat-8.0.46/webapps
tomcat02:
hostname: tomcat02
build: ./tomcat
networks:
- lnmt
volumes:
- /usr/local/jdk1.8.0_45:/usr/local/jdk1.8.0_45 #docker宿主机的java环境被挂载了!
- ./webapps:/usr/local/apache-tomcat-8.0.46/webapps
mysql:
hostname: mysql
image: mysql:5.6
ports:
- 3307:3306
networks:
- lnmt
volumes:
- ./mysql/conf:/etc/mysql/conf.d
- ./mysql/data:/var/lib/mysql
environment:
MYSQL_ROOT_PASSWORD: 123456
MYSQL_DATABASE: db
MYSQL_USER: user
MYSQL_PASSWORD: user123
networks:
lnmt:
#由于tomcat容器进程需要挂载docker宿主机本地的java环境
#所以在docker宿主机本地安装jdk-8u45-linux-x64.tar.gz
[root@localhost ~]# tar xf jdk-8u45-linux-x64.tar.gz -C /usr/local/
[root@localhost ~]# ll -d /usr/local/jdk1.8.0_45/
drwxr-xr-x 8 10 143 255 Apr 10 2015 /usr/local/jdk1.8.0_45/
#一键部署ngxin+tomcat反向代理集群
[root@localhost ~]# cd dockerfile/lib/compose_nginx_tomcat/
[root@localhost compose_nginx_tomcat]# pwd
/root/dockerfile/lib/compose_nginx_tomcat
[root@localhost compose_nginx_tomcat]# docker-compose -f docker-compose.yml up
浏览器访问:
[root@localhost lib]# docker-compose -f compose_nginx_tomcat/docker-compose.yml ps
Name Command State Ports
--------------------------------------------------------------------------------------------
composenginxtomcat_mysql_1 docker-entrypoint.sh mysqld Up 0.0.0.0:3307->3306/tcp
composenginxtomcat_nginx_1 ./sbin/nginx -g daemon off; Up 0.0.0.0:82->80/tcp
composenginxtomcat_tomcat01_1 ./bin/catalina.sh run Up 8080/tcp
composenginxtomcat_tomcat02_1 ./bin/catalina.sh run Up 8080/tcp
10万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
